Industry Perspective

As the Department of Defense (DoD) moves toward more decentralized, cloud computing environments promoting a services delivery approach to information operations, the limitations of our current methods of protecting critical data and information technology (IT) assets are becoming increasingly apparent. The DoD needs effective yet flexible cyber security solutions capable of supporting ubiquitous access to critical information while protecting that information regardless of its location or service provider. This requires innovative solutions adopting a more data-centric security model that enables, rather than inhibits, information sharing.

STOP.THINK.CONNECT. and the Department of Homeland Security aim to encourage Americans to be more vigilant about practicing safe, online habits; transform the way the public and private sectors and the Federal government collaborate to make cybersecurity a reality; and ensure that Internet safety is perceived as a shared responsibility at home, in the workplace, and throughout our communities.

In collaboration with NIST (national lead), DHS, and NSA, the Global Institute for Cyber Security Research (GICSR) supports the National Initiative for Cybersecurity Education (NICE) - an operational, sustainable and continually improving cybersecurity education program (K-20) for the nation to use sound cyber practices that will enhance the nation’s security.

This blog from telework expert Josh Sawislak explores the government's challenge of balancing security with mobility.

Security and accessibility are two crucial items in all telework plans. Will your employees get company-issued equipment, or will they use their personal devices? Will you give them full access, or limit what they can do remotely? Technology experts at the Fall 2011 Telework Exchange Town Hall Meeting say the key steps to creating a telework plan are taking inventory of your technology, determining the role of your employees and the type of access they'll need, and creating a risk mitigation strategy.

No matter how complex the system, cyber security boils down to the basics. Check out the resources on National Cyber Security Alliance's website for a crash course in data protection.

In 2011, The SANS Institute developed these 20 cyber security controls with a consortium brought together by John Gilligan (previously CIO of the US Department of Energy and the US Air Force) under the auspices of the Center for Strategic and International Studies. Members of the Consortium include NSA, US Cert, DoD JTF-GNO, the Department of Energy Nuclear Laboratories, Department of State, DoD Cyber Crime Center plus the top commercial forensics experts and pen testers serving the banking and critical infrastructure communities.

We live and work in, and are dependent on, a networked world. That is why the Business Software Alliance, the Center for Democracy and Technology, the Internet Security Alliance, TechAmerica, and the U.S. Chamber of Commerce believe that the cybersecurity of our critical infrastructure must be a national priority. However, the complexity and interconnected nature of the Internet, and the ever-evolving and sophisticated threat environment, put cybersecurity beyond the reach of any single entity: to secure our critical infrastructure, companies must work together, government must coordinate its efforts, and industry and government must collaborate.